The following defect(s) have been fixed in this cumulative patch for the Wind River libpng:
WIND00299598 Security Advisory - libpng - CVE-2009-5063
WIND00254766 Security Advisory - libpng - CVE-2011-0408
WIND00291621 Security Advisory - libpng - CVE-2011-2501
WIND00291617 Security Advisory - libpng - CVE-2011-2690
WIND00291619 Security Advisory - libpng - CVE-2011-2691
WIND00291620 Security Advisory - libpng - CVE-2011-2692
----------------------------------------------------------------------------------------
Change List:
/layers/wrll-wrlinux/dist/libpng/Makefile
/layers/wrll-wrlinux/dist/libpng/libpng.spec
/layers/wrll-wrlinux/dist/libpng/patches/libpng-fix-CVE-2011-0408.patch
/layers/wrll-wrlinux/dist/libpng/patches/libpng-fix-CVE-2011-2501.patch
/layers/wrll-wrlinux/dist/libpng/patches/libpng-fix-CVE-2011-2690.patch
/layers/wrll-wrlinux/dist/libpng/patches/libpng-fix-CVE-2011-2691.patch
/layers/wrll-wrlinux/dist/libpng/patches/libpng-fix-CVE-2011-2692.patch
/layers/wrll-wrlinux/dist/libpng/patches/libpng-fix-CVE-2009-5063.patch
Requires Wind River Linux Secure 1.0 to be installed
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the libpng package. This can be done by executing the command "make -C build libpng.distclean" followed by "make -C build libpng.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
DATE: 22 Feb 2012
REVISION: Add file WRLS_1_0-base-tgt-libpng-20120216-spin1.zip and includes fix to defect WIND00299598 WIND00254766 WIND00291621 WIND00291617 WIND00291619 WIND00291620
